Bitwarden launches standalone Bitwarden Authenticator app
Bitwarden has released a first public version of Bitwarden Authenticator, a two-factor authentication app for Android and iOS.
The app generates codes for services, which are then required to sign to accounts. This second step of authentication improves account security. Attackers would need access to the username and password, and the time-based code to gain access to the account.
The Bitwarden password manager supports generating two factor authentication codes already, but the feature requires a premium account. While supported, some users may prefer to separate the generation of two factor authentication codes from their password manager.
Bitwarden users may also use the authenticator to generate codes for access to Bitwarden's password manager. It is also possible to use passkeys to sign in to Bitwarden.
The authenticator app is free to use, which means that it is available to all Bitwarden users and everyone else.
Tip: you can check out our list of the best authenticator apps for Android and iOS here.
Bitwarden Authenticator
Bitwarden Authenticator is available for iOS and Android. Like Bitwarden, it is an open source application. Interested users may access the GitHub repositories for Android and iOS.
The app does not require the password manager Bitwarden, it can be used as a standalone program. An account is not required either.
Bitwarden Authenticator works like other authenticator apps. The initial version offers basic functionality only, though.
A short intro explains the core concept on first run. Click on the plus icon to set up a new service. You may use the device's camera to scan a QR code or type a code manually.
To get these, it is necessary to sign in to the account that you want to protect with two-factor authentication.
The authenticator app supports TOTP, which most online services do support.
The application does not support extra protection at this point. There is no option to set up a password. Other authenticator apps, for instance Aegis, support this security feature.
Data is backed up only as part of the phone's backup. This is changing in the future. Google Authenticator added support for syncing 2FA codes last year.
Big plans
Bitwarden published a roadmap that highlights upcoming features. These improve the authenticator app significantly.
Here are the features that are in the works:
- Import option.
- Sync option with Bitwarden account and thus secure vault.
- Support for push-based 2FA.
- Account recovery.
- Workforce authentication.
Closing Words
The initial version of Bitwarden Authenticator is a bare bones authenticator app. You can add services to it to create authenticator codes for them.
On the plus side, it is open source and does not require Bitwarden or an account to use.
Downside is that it lacks features, for instance sync or password protection, that popular authenticators support. These are in development, however. Import could also be an interesting feature, provided that popular authenticator apps are supported.
The application is a good option for Bitwarden users who want to protect their account with another layer of protection, and have not done so already.
Uses who already use another authenticator app may want to wait until importing becomes available, as manual switching is cumbersome.
Do you use authenticator apps to protect your accounts? What is your preferred authenticator apps right now, and would you consider using Bitwarden Authenticator?
Why do people want it on Windows? just use your phone, no??
Linking/syncing/connecting in any way the 2FA codes with login passwords within the same user account, sounds like a very bad idea.
@Fred: For my part, re: Question 1, I have just poked around the GitHub repository and even checked both their FAQ and roadmap for the Authenticator app. Regrettably, it doesn’t seem to be intended to be extended to Windows.
Thanks, @Peter Parker Kent. I have just searched their Forum, and I have found one post — very recent — asking if ‘Windows was in the works’. See the early part of .
https://community.bitwarden.com/t/introducing-the-standalone-bitwarden-authenticator/66382
The forum leader’s response to the post says that ‘Desktop apps are under consideration.’ That is hopeful, but of course it is a rather less official than their GitHub website.
I have now registered and added a post supporting the request for Bitwarden Authenticator to be extended to Windows.
Martin, are you able to make an ‘official’ request to Bitwarden about this? Your review about them is enthusiastic, so they may take some notice. It would make their Authenticator by far the best app on offer.
Thanks very much for this, Martin. With Authy now gone, with pathetic reasons, there is real need for an authenticator that lives on Windows and Android. We use RoboForm, which recently added an authenticator, but as you say, it is better to separate the password manager and the authenticator. Two questions:
QUESTION 1: My wife and I use Windows PCs and Android phone. Does Bitwarden intend extending it to Windows, where most people live? .Having it only on Android is dangerous if my phone is lost or at the menders.
QUESTION 2: Does it sync data our amongst all our devices, or will it in the future? If so, will this always require a paid licence with Bitwarden?
and detailed instructions to use the app are available…
…
…
where?